Yubico Forum

?appId
"http://localhost:52701"

?Utils.ByteArrayToBase64String(U2F.Crypto.Hash(appId))
"ENIbQIWZ9ZHrY48rknvb_PjHS6RGN-wkcKM_n0gjCHw"


The results of Crypto.Hash are different between Java and .NET code. Here is the .NET code.

private readonly SHA256Managed _sha256Managed = new SHA256Managed();

public byte[] Hash(byte[] bytes)
{
try
{
return _sha256Managed.ComputeHash(bytes);
}
catch (Exception e)
{
throw new UnsupportedOperationException("Error when computing SHA-256", e);
}
}

public byte[] Hash(string str)
{
byte[] bytes = new byte[str.Length*sizeof (char)];
Buffer.BlockCopy(str.ToCharArray(), 0, bytes, 0, bytes.Length);

return Hash(bytes);
}

This code returned the correct results in VerifySignature!!! I applied the same changes to both the Register and Sign pages and both return the correct responses. I also checked that a false value is returned for VerifySignature() if the Signature array is reversed. Thank you so much for your help.

byte[] appIdHash = Encoding.ASCII.GetBytes(appId);
byte[] clientHash = Encoding.ASCII.GetBytes(clientData);

byte[] signedBytes = PackBytesToSign(
U2F.Crypto.Hash(appIdHash),
U2F.Crypto.Hash(clientHash),
KeyHandle,
UserPublicKey
);

Great! Glad I could help